Copy Aegis Authenticator to a new Android;
November 12, 2021. I use the free Aegis Authenticator on Android to
generate one-time codes for two-step login to websites. Unlike Google
authenticator, it lets you set an encryption password that's independent
of the Android's unlock password. Thus, an unlocked phone is not
sufficient to spill the beans.
But my cell company is killing my Nokia 2.2, which was released in
June 2019. Gee, it's not even 3 years old yet. So I chose another
Android. When I activated, I only had the choice of restoring
all of my old apps and data. I didn't want to do that. I wanted
a clean slate and clear delineation between the crapware on the new
phone and the apps on the old.
That left me with the question of how to get my Aegis app and data
moved to the new phone without having to suffer a through two-step setup
process per site again. One method is to install Aegis on the new phone,
open it on the old phone, and one by one have it generate QR codes for
the new Aegis to read in. But that's cumbersome.
There is a better way. Here it is:
- Make sure that the old Aegis has a truly strong
passphrase. You're going to transfer its database through
Google Drive. That database contains the keys to your Kingdom. It could
leak, subjecting it to offline attack. If the encryption method doesn't
deter computer guessing, a botnet can break four random words in an
hour, so five random words is a bare minimum. Pick them with Diceware
(theworld.com/~reinhold/diceware.html). You can use the settings menu to
change the password.
- Unlock the old vault.
- Use the 3-dot menu to pick settings, export, aegis JSON format,
encrypted, share, Google Drive.
- Close.
- On the new phone, pick the Google Play store and install Aegis.
- You might as well set it up with the same password.
- Use the 3-dot menu to pick settings, import, import from file,
aegis, Drive, My Drive (folder): and pick the file 'aegis-export....'
You'll need to enter the password of the old Aegis vault. Then pick the
item at the bottom of the screen to complete the import.
- Now consider visiting Google Drive, deleting the 'Aegis-export'
file, and emptying the trash. A file that isn't in the cloud anymore is
less likely to fall into the wrong hands.
You can't be too paranoid.
📧 Send Comment
Walt.Gregg.Juneau.AK.US/contact
🏡 Home Page
Walt.Gregg.Juneau.AK.US